Kunihiko MIYAZAKI Goichiro HANAOKA Hideki IMAI
A digital signature does not allow any alteration of the document to which it is attached. Appropriate alteration of some signed documents, however, should be allowed because there are security requirements other than the integrity of the document. In the disclosure of official information, for example, sensitive information such as personal information or national secrets is masked when an official document is sanitized so that its nonsensitive information can be disclosed when it is requested by a citizen. If this disclosure is done digitally by using the current digital signature schemes, the citizen cannot verify the disclosed information because it has been altered to prevent the leakage of sensitive information. The confidentiality of official information is thus incompatible with the integrity of that information, and this is called the digital document sanitizing problem. Conventional solutions such as content extraction signatures and digitally signed document sanitizing schemes with disclosure condition control can either let the sanitizer assign disclosure conditions or hide the number of sanitized portions. The digitally signed document sanitizing scheme we propose here is based on the aggregate signature derived from bilinear maps and can do both. Moreover, the proposed scheme can sanitize a signed document invisibly, that is, no one can distinguish whether the signed document has been sanitized or not.
This paper studies the relations among several definitions of anonymity for ring signature schemes in the same attack environment. It is shown that one intuitive and two technical definitions we consider are asymptotically equivalent, and the indistinguishability-based technical definition is the strongest, i.e., the most secure when achieved, when the exact reduction cost is taken into account. We then extend our result to the threshold case where a subset of members cooperate to create a signature. The threshold setting makes the notion of anonymity more complex and yields a greater variety of definitions. We explore several notions and observe that a certain relation does not seem to hold, unlike in the simple single-signer case. Nevertheless, we see that an indistinguishability-based definition is the most favorable in the threshold case. We also study the notion of linkability and present a simple scheme that achieves both anonymity and linkability.
Isamu TERANISHI Takuro OYAMA Wakaha OGATA
We say that a signature scheme is strongly existentially unforgeable (SEU) if no adversary, given message/signature pairs adaptively, can generate a signature on a new message or a new signature on a previously signed message. We propose a general and efficient conversion in the standard model that transforms a secure signature scheme into an SEU signature scheme. In order to construct that conversion, we use a chameleon commitment scheme. Here a chameleon commitment scheme is a variant of a commitment scheme such that one can change the committed value after publishing the commitment if one knows the secret key. We define the chosen message security notion for the chameleon commitment scheme, and show that the signature scheme transformed by our proposed conversion satisfies the SEU property if the chameleon commitment scheme is chosen message secure. By modifying the proposed conversion, we also give a general and efficient conversion in the random oracle model that transforms a secure signature scheme into an SEU signature scheme. This second conversion also uses a chameleon commitment scheme but only requires key-only attack security for it.
Eiichiro FUJISAKI Koutarou SUZUKI
The ring signature allows a signer to leak secrets anonymously, without the risk of identity escrow. At the same time, the ring signature provides great flexibility: no group manager, no special setup, and the dynamics of group choice. The ring signature is, however, vulnerable to malicious or irresponsible signers in some applications, because of its anonymity. In this paper, we propose a traceable ring signature scheme. A traceable ring scheme is a ring signature except that it can restrict "excessive" anonymity. The traceable ring signature has a tag that consists of a list of ring members and an issue that refers to, for instance, a social affair or an election. A ring member can make any signed but anonymous opinion regarding the issue, but only once (per tag). If the member submits another signed opinion, possibly pretending to be another person who supports the first opinion, the identity of the member is immediately revealed. If the member submits the same opinion, for instance, voting "yes" regarding the same issue twice, everyone can see that these two are linked. The traceable ring signature can suit many applications, such as anonymous voting on a BBS. We formalize the security definitions for this primitive and show an efficient and simple construction in the random oracle model.
A fair exchange scheme is a protocol by which two parties Alice and Bob exchange items or services without allowing either party to gain advantages by quitting prematurely or otherwise misbehaving. To this end, modern cryptographic solutions use a semi-trusted arbitrator who is involved only in cases where one party attempts to cheat or simply crashes. We call such a fair exchange scheme optimistic. When no registration is required between the signer and the arbitrator, we say that the fair exchange scheme is setup-free. To date, the setup-free optimistic fair exchange scheme under the standard RSA assumption was only possible from the generic construction of [12], which uses ring signatures. In this paper, we introduce a new setup-free optimistic fair exchange scheme under the standard RSA assumption. Our scheme uses the GQ identity-based signature and is more efficient than [12]. The construction can also be generalized by using various identity-based signature schemes. Our main technique is to allow each user to choose his (or her) own "random" public key in the identity-based signature scheme.
Yow-Tyng NIEH Shih-Hsu HUANG Sheng-Yu HSU
Although much research effort has been devoted to the minimization of total power consumption caused by the clock tree, no attention has been paid to the minimization of the peak current caused by it. In this paper, we propose an opposite-phase clock scheme to reduce the peak current incurred by the clock tree. Our basic idea is to balance the charging and discharging activities. According to the output operation, the clock buffers that transit simultaneously are divided into two groups: half of the clock buffers transit at the same phase of the clock source, while the other half transit at the opposite phase of the clock source. As a consequence, the opposite-phase clock scheme significantly reduces the peak current caused by the clock tree. Experimental data show that our approach can be applied at different design stages in the existing design flow.
Koan-Yuh CHANG Tsung-Lin CHENG
Based on the concept of sliding mode control, we study the problem of steady state covariance assignment for bilinear stochastic systems. We find that the invariance property of sliding mode control ensures nullity of the matched bilinear term in the system on the sliding mode. By suitably using Ito calculus, the controller u(t) can be designed to force the feedback gain matrix G to achieve the goal of steady state covariance assignment. We also compare our method with other approaches via simulations.
Kazuya TSUKAMOTO Takeshi YAMAGUCHI Shigeru KASHIHARA Yuji OIE
In ubiquitous networks, Mobile Nodes (MNs) often suffer from performance degradation due to the following two reasons: (1) reduction of signal strength by the movement of an MN and intervening objects, and (2) radio interference with other WLANs. Therefore, handover initiation based on quick and reliable detection of the deterioration in a wireless link condition arising from the above two reasons is essential for achieving seamless handover. In previous studies, we focused on a handover decision criterion and described the problems related to the two existing decision criteria. Furthermore, we showed the effectiveness of the number of frame retransmissions through simulation experiments. However, a comparison of the signal strength and the number of frame retransmissions could not be examined due to the unreliability of the signal strength in simulations. Therefore, in the present paper, by employing FTP and VoIP applications, we compare the signal strength and the number of frame retransmissions as a handover decision criterion with experiments in terms of (1) and (2) in a real environment. Finally, we clarify the problem of the signal strength in contrast to the effectiveness of the number of frame retransmissions as a handover decision criterion.
Masaaki IIJIMA Kayoko SETO Masahiro NUMA Akira TADA Takashi IPPOSHI
Instability of SRAM memory cells derived from aggressive technology scaling has been recently one of the most significant issues. Although a 7T-SRAM cell with an area-tolerable separated read port improves read margins even at sub-1V, it unfortunately results in degradation of write margins. In order to assist the write operation, we address a new memory cell employing a look-ahead body-bias which dynamically controls the threshold voltage. Simulation results have shown improvement in both the write margins and access time without increasing the leakage power derived from the body-bias.
A fair exchange scheme is a protocol by which two parties Alice and Bob swap items or services without allowing either party to gain an advantage by quitting prematurely or otherwise misbehaving. The verifiably committed signature is a generalized and unified model for non-interactive optimistic fair exchange schemes. The state-of-the-art verifiably committed signature that enjoys the off-line, setup-free and stand-alone properties is due to Zhu and Bao [1]. In this article, we show that the Zhu-Bao verifiably committed signature is insecure in the multi-user setting and then consider possible countermeasures.
Because the leakage current of a digital circuit depends on the states of the circuit's logic gates, assigning a minimum leakage vector (MLV) for the primary inputs and the flip-flops' outputs of the circuit that operates in the sleep mode is a popular technique for leakage current reduction. In this paper, we propose a novel probability-based algorithm and technique that can rapidly find an MLV. Unlike most traditional techniques that ignore the leakage current overhead of the newborn vector controller, our technique can take this overhead into account. Ignoring this overhead during solution space exploration may have the side effect of misrecognizing a non-optimal solution as an optimal one. Experimental results show that our heuristic algorithm can reduce the leakage current up to 59.5% and can find the optimal solutions on most of the small MCNC benchmark circuits. Moreover, the required CPU time of our probability-based program is significantly less than that of a random search program.
Akihide HORITA Kenji NAKAYAMA Akihiro HIRANO
FeedForward (FF-) Blind Source Separation (BSS) systems have some degree of freedom in the solution space. Therefore, signal distortion is likely to occur. First, a criterion for the signal distortion is discussed. Properties of conventional methods proposed to suppress the signal distortion are analyzed. Next, a general condition for complete separation and distortion-free is derived for multi-channel FF-BSS systems. This condition is incorporated in learning algorithms as a distortion-free constraint. Computer simulations using speech signals and stationary colored signals are performed for the conventional methods and for the new learning algorithms employing the proposed distortion-free constraint. The proposed method can well suppress signal distortion, while maintaining a high source separation performance.
Kazuto OGAWA Goichiro HANAOKA Hideki IMAI
In the current broadcasting system or Internet content distribution system, content providers distribute decoders (STB) that contain secret keys for content decryption, prior to content distribution. A content provider sends encrypted content to each user, who then decodes it with his or her STB. While users can get the services at their houses if they have an STB, it is hard for them to get the services outside their houses. A system that allowed users to carry around their secret keys would improve usability, but it would require countermeasures against secret key exposure. In this paper, we propose such an extended broadcasting system using tokens and group signature. The content providers can control the number of keys that users can use outside their houses. The system enables the broadcasters to minimize the damage caused by group signature key exposures and the user to get services outside his or her home.
Stanislav STANKOVIC Jaakko ASTOLA
Decision diagrams are often used for efficient representation of discrete functions in terms of needed storage space and processing time. In this paper, we propose an XML (Extensible Markup Language) based standard for the structural description of various types of decision diagrams. The proposed standard describes elements of the structure common to various types of decision diagrams. It also provides facilities for storing additional information, specific to particular types of decision diagrams. Properties of XML enable us to define a standard that is flexible enough to be applicable to various existing types of decision diagrams as well as new types that could be defined in the future. The existence of such a standard permits efficient storage and exchange of data in decision diagram form between various software systems. In this way, it supports benchmarking, testing and verification of various procedures using decision diagrams as a basic data structure.
Yusuke HIROTA Hideki TODE Koso MURAKAMI
In Optical Burst Switching (OBS) networks, one of the main problems is collision between bursts. Most of the previous collision avoidance algorithms divide the Routing and Wavelength Assignment (RWA) problem into two partial problems and treat them separately. This paper focuses on the collision avoidance problem in distributed OBS networks. Our proposal involves cooperation between the routing and the wavelength assignment tasks. The main idea is to classify each wavelength at an output link of a node as suited either to sending or to relaying data bursts. The wavelength most suitable for transmitting bursts changes along the transmission route. Thus, we introduced a novel index called the "Suitability Index" (SI). The SI is a priority index assigned to each pair of output link and wavelength, and its value represents the suitability of that pair for sending or relaying data bursts. The proposed method uses the SI for both routing selection and wavelength assignment. Simulation results show that the proposed method can reduce the burst loss probability, particularly for long distance transmissions. As a result, unfairness in the treatment of short hop and long hop bursts can be reduced.
Naohiko IWAKIRI Takehiko KOBAYASHI
This paper presents an ultra wideband (UWB) channel sounding scheme with a technique for estimating time of arrival (TOA) and angle of arrival (AOA) using measurement signals. Since the power spectrum over the UWB bandwidth can be measured in advance, we propose a signal model using the measurement power spectrum to design the proper UWB signals model. This signal model is more similar to measurement signals than the flat spectrum model which is an ideal model. If more than three waves impinge on a receiver, we must determine the proper grouping of the elements of TOA vector and AOA vector. It is difficult to determine the grouping using only measurement signals because of many degradation factors. We also propose pairing the elements of TOA vector and that of AOA vector using correlation method based on measurement signals and the proposed signal model. This technique is available for more than the case of three paths if pairing the estimated TOAs and AOAs of measurement signals is not accurately determined. We evaluated the proposed techniques for a vector network analyzer (VNA) with a three-dimensional virtual antenna array.
Hoojin LEE Robert W. HEATH, Jr. Edward J. POWERS
Full-diversity transmission for space-time block codes (STBCs) with multiple transmit antennas can be achieved by using coordinate interleaved orthogonal designs (CIODs). To effectively evaluate the performance of CIODs, we derive union upper and lower bounds on the symbol-error rate (SER) and a corresponding asymptotic diversity order of symmetric structured CIOD, in particular, with two transmit antennas over quasi-static spatially uncorrelated/correlated frequency-nonselective Rayleigh fading channels. Some numerical results are provided to verify our analysis.
Min-Ho KA Aleksandr I. BASKAKOV Anatoliy A. KONONOV
This paper analyses the autocorrelation function of return waveforms in high precision radar altimeters employing chirp-pulse transmit signal under the condition of near-nadir deviations of the antenna boresight axis. It is shown that in case of ultra wideband transmit signals providing very high time resolution the correlation function can be approximated by a product of two separate functions of time.
In this paper, we present a new fast Fourier transform (FFT) algorithm to reduce the table size of twiddle factors required in pipelined FFT processing. The table size is large enough to occupy significant area and power consumption in long-point FFT processing. The proposed algorithm can reduce the table size to half, compared to the radix-2² algorithm, while retaining the simple structure. To verify the proposed algorithm, a 2048-point pipelined FFT processor is designed using a 0.18 µm CMOS process. By combining the proposed algorithm and the radix-2² algorithm, the table size is reduced to 34% and 51% compared to the radix-2 and radix-2² algorithms, respectively. The FFT processor occupies 1.28 mm² and achieves a signal-to-quantization-noise ratio (SQNR) of more than 50 dB.
Ozgur ERCETIN Ozgur GURBUZ Kerem BULBUL Ertugrul CIFTCIOGLU Aylin AKSU
The recent progress in sensor and wireless communication technologies has enabled the design and implementation of new applications such as sensor telemetry which is the use of wireless sensors to gather fine-grained information from products, people and places. In this work, we consider a realistic telemetry application in which an area is periodically monitored by a sensor network which gathers data from equally spaced sample points. The objective is to maximize the lifetime of the network by jointly selecting the sensing nodes, the node transmission powers and the route to the base station from each sensing node. We develop an optimization-based algorithm OPT-RE and a low complexity algorithm SP-RE for this purpose and analyze their dynamics through extensive numerical studies. Our results indicate that SP-RE is a promising algorithm which has comparable performance to that of the more computationally intensive OPT-RE algorithm. The energy consumption is significantly affected by the channel access method, and in this paper, we also compare the effects of the collision free TDMA and contention based CSMA/CA methods. We propose practical enhancements to CSMA/CA so that the energy consumption due to collisions is reduced. Our simulation results indicate that with the proposed enhancements contention based channel access can provide comparable performance to that of the collision free methods.